CVE-2024-49970
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-49970
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-49970.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-49970
- Downstream
- Related
- Published
- 2024-10-21T18:02:19.694Z
- Modified
- 2025-11-28T02:35:46.232774Z
- Summary
- drm/amd/display: Implement bounds check for stream encoder creation in DCN401
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Implement bounds check for stream encoder creation in DCN401
'streamencregs' array is an array of dcn10streamencregisters structures. The array is initialized with four elements, corresponding to the four calls to streamenc_regs() in the array initializer. This means that valid indices for this array are 0, 1, 2, and 3.
The error message 'streamencregs' 4 <= 5 below, is indicating that there is an attempt to access this array with an index of 5, which is out of bounds. This could lead to undefined behavior
Here, engid is used as an index to access the streamencregs array. If engid is 5, this would result in an out-of-bounds access on the streamencregs array.
Thus fixing Buffer overflow error in dcn401streamencoder_create
Found by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn401/dcn401resource.c:1209 dcn401streamencodercreate() error: buffer overflow 'streamencregs' 4 <= 5
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/49xxx/CVE-2024-49970.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/b219b46ad42df1dea9258788bcfea37181f3ccb2
- https://git.kernel.org/stable/c/bdf606810210e8e07a0cdf1af3c467291363b295
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/49xxx/CVE-2024-49970.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-49970